Consultant (Security & Compliance)

Nextjob

Job Location:

Colombo - Sri Lanka

Monthly Salary: Not Disclosed
Posted on: 20 hours ago
Vacancies: 1 Vacancy

Job Summary

The Company

Founded in 1999, we are a global technology enabler and pioneer in offering end-to-end software development and maintenance services through team augmentation, with expertise in the rapidly growing and evolving tech ecosystems of Scandinavia and beyond. We specialise in building and managing dedicated, high-performing software development teams with full stack development competencies. Our products power leading organisations across several sectors, including healthcare, construction, oil and gas, marine logistics, manufacturing, retail, finance, travel and hospitality, education and more.

From insights to software development, we take an industry-agnostic approach and offer a comprehensive tech stack and domain knowledge to deliver innovations at speed and scale. Collectively, our company manages 700 tech professionals under its brand. For over 25 years, we have co-created the evolution of our clients' software applications while actively participating in the innovation journey and product strategy through exceptional delivery of tech services. Partner with us for tech-inspired collaborations; together we build.

The Role

We are seeking an individual to support our software engineering team in designing, developing and deploying cloud services that meet FedRAMP security requirements. This role is advisory and hands-on, focused on embedding security and compliance into cloud-native architectures from the outset of the software development lifecycle.

The consultant will act as a subject-matter expert, guiding the engineering team on the implementation and ongoing adherence to the FedRAMP control baseline to enable the development of cloud services that process federal data or are intended for use by federal agencies.

Responsibilities

  • Guide the software engineering team on integrating FedRAMP security and privacy controls into cloud services during design, development and deployment.
  • Provide awareness training and practical guidance on FedRAMP concepts, requirements and best practices to technical and non-technical stakeholders.
  • Interpret the FedRAMP control catalog (e.g. based on NIST SP 800-53) and translate requirements into actionable technical and procedural controls.
  • Advise on secure cloud architectures, CI/CD pipelines, infrastructure-as-code and automation aligned with FedRAMP expectations.
  • Collaborate with the team to ensure continuous compliance throughout the development lifecycle.
  • Identify gaps and improvement opportunities related to FedRAMP compliance and recommend remediation strategies.
  • Stay current with FedRAMP guidance updates and evolving federal cloud security requirements.

Qualifications

  • Proven experience with FedRAMP compliance assessments or authorization processes.
  • Strong understanding of cloud security principles and architectures (e.g. Azure, AWS, Google).
  • Experience working with software development teams in agile or cloud-native environments.
  • Working knowledge of NIST SP 800-53 security controls and their application in cloud systems.
  • Ability to translate regulatory and compliance requirements into practical technical guidance.
  • Strong communication skills with the ability to explain complex security concepts to diverse audiences.

Preferred

  • Experience supporting FedRAMP Moderate or High impact level systems.
  • Experience working with or supporting software solutions for U.S. federal agencies.
  • Relevant certifications (e.g. CISSP, CISM, CCSP, AWS/Azure security certifications).

Benefits

  • Great Remuneration
  • Flexible Work Arrangement
  • Performance Bonus
  • Private Health Insurance
  • Accelerated Career Growth
  • Latest Tech Equipment
  • International Exposure
  • Exciting Company Events

Required Experience:

Contract


Key Skills

  • ISO 27001
  • B2B Sales
  • SafeNet
  • IDS
  • Risk Management
  • PCI
  • NIST Standards
  • Salt
  • Information Security
  • Customer relationship management
  • Encryption
  • FISMA

About Company


Nextjob is a boutique technical staffing firm located in the suburbs of Colombo. Our expertise is mainly in sourcing and placing high-end, niche IT, Tech & Engineering talent with some of the best employers worldwide. Our key services are headhunting, full life cycle recruitment & exe ...